Difference between revisions of "Neutron/VPNaaS/HowToInstall"
Nachi Ueno (talk | contribs) (→Setup VPN Connection) |
Nachi Ueno (talk | contribs) (→Checkout Test branches) |
||
Line 51: | Line 51: | ||
Quantum TBD | Quantum TBD | ||
+ | |||
Quantum client : https://review.openstack.org/#/c/29811/ | Quantum client : https://review.openstack.org/#/c/29811/ | ||
Revision as of 23:01, 7 June 2013
Contents
Installation
- . apt-get install strongswan
- . replace binary quantum-l3-agent to quantum-vpn-agent
Note: you can use WIP devstack for VPNaaS Devstack review is here -> https://review.openstack.org/#/c/32174/ (WIP)
git clone https://github.com/openstack-dev/devstack.git cd devstack git review -d 32174
Set localrc ( q-vpn is added)
DEST=/opt/stack disable_service n-net enable_service q-svc enable_service q-agt enable_service q-dhcp enable_service q-l3 enable_service q-meta enable_service quantum enable_service tempest enable_service q-vpn API_RATE_LIMIT=False VOLUME_BACKING_FILE_SIZE=4G FIXED_RANGE=10.1.0.0/24 FIXED_NETWORK_SIZE=256 VIRT_DRIVER=libvirt SWIFT_REPLICAS=1 export OS_NO_CACHE=True SCREEN_LOGDIR=/opt/stack/screen-logs SYSLOG=True SKIP_EXERCISES=boot_from_volume,client-env ROOTSLEEP=0 ACTIVE_TIMEOUT=60 Q_USE_SECGROUP=True BOOT_TIMEOUT=90 ASSOCIATE_TIMEOUT=60 ADMIN_PASSWORD=openstack MYSQL_PASSWORD=openstack RABBIT_PASSWORD=openstack SERVICE_PASSWORD=openstack SERVICE_TOKEN=tokentoken Q_PLUGIN=openvswitch Q_USE_DEBUG_COMMAND=True NETWORK_GATEWAY=10.1.0.1
Checkout Test branches
Quantum TBD
Quantum client : https://review.openstack.org/#/c/29811/
Run Devstack
./stack.sh
Setup Params
ROUTER_ID=`quantum router-show router1 | awk '/ id /{print $4}'` SUBNET_ID=`quantum subnet-create private 20.0.0.0/24 | awk '/ id /{print $4}'`
CLI Walkthough
Setup VPN Connection
# Create VPN Service quantum vpn-service-create --name vpn1 --router_id $ROUTER_ID --subnet_id $SUBNET_ID # List VPN Service quantum vpn-service-list # Show VPN Service quantum vpn-service-show vpn1 VPN1=`quantum vpn-service-show vpn1 | awk '/ id /{print $4}'` # Create IKE policy quantum vpn-ikepolicy-create --name ike_policy1 # List IKE policy quantum vpn-ikepolicy-list # Show IKE policy quantum vpn-ikepolicy-show ike_policy1 # Create IPSec policy quantum vpn-ipsecpolicy-create --name ipsecpolicy1 # Show IPSec policy quantum vpn-ipsecpolicy-show ike_policy1 # Create VPN Connection quantum vpn-connection-create --name vpnconnection1 vpn1 ikepolicy1 ipsecpolicy1 #List VPN Connection quantum vpn-connection-list # Show VPN Connection quantum vpn-connection-show vpnconnection1
Cleanup VPN Connection
# Delete VPN Connection quantum vpn-connection-delete vpnconnection1 # Delete VPN Service quantum vpn-service-delete $VPN1 # Remove Router Interface ( <-- This should be automatically done by VPNService ) quantum router-interface-delete $ROUTER_ID $SUBNET_ID # Delete IKE policy quantum vpn-ikepolicy-delete ike_policy1 # Delete IPSec policy quantum vpn-ipsecpolicy-delete ipsecpolicy1